[pkg-lxc-devel] Bug#947863: lxc: apparmor denied mount with unprivileged lxc
josch at debian.org
Wed Jan 1 16:13:50 GMT 2020
Quoting Pierre-Elliott Bécue (2020-01-01 16:25:24)
> I'm sorry but lxc unprivileged containers can't run with any apparmor
> profile. You have to set this parameter to unconfined for your unprivileged
> containers. Setting a default profile for unconfined containers is a hard
> thing as only etc/default/lxc.conf is an option, but it'd also apply to
> privileged containers.
but I don't understand why this is a wontfix?
If lxc unprivileged containers cannot run with any apparmor profile, then why
do files like /usr/share/lxc/config/userns.conf not include a line like:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
More information about the Pkg-lxc-devel